INSPECTOR GENERAL - OIG · In 2003, the 78th Texas Legislature created the Office of Inspector...

INSPECTOR GENERAL TEXAS HEALTH AND HUMAN SERVICES COMMISSION

TWO-YEAR ROLLING AUDIT PLAN Fiscal Years 2017 - 2018

December 2016

TABLE OF CONTENTS

INTRODUCTION .................................................................. 3

AUDIT AUTHORITY ............................................................. 4

AUDIT UNIVERSE ............................................................... 5

RISK ASSESSMENT ............................................................ 8

TYPES OF AUDITS ............................................................. 9

AUDITS IN PROGRESS ....................................................... 10

AUDIT PLAN .................................................................... 14

AUDIT REPORTS ISSUED IN FISCAL YEAR 2017 ...................... 21

IG Two-Year Rolling Audit Plan Page | 3

December 2016

INTRODUCTION

The Role of IG

In 2003, the 78th Texas Legislature created the Office of Inspector General to strengthen the

Health and Human Services Commission's (HHSC) capacity to combat fraud, waste, and abuse

in publicly funded state-run Health and Human Services programs.

The Inspector General's (IG) mission, as prescribed by statute, is the "prevention, detection,

audit, inspection, review, and investigation of fraud, waste, and abuse in the provision and

delivery of all health and human services in the state, including services through any state-

administered health or human services program that is wholly or partly federally funded, and the

enforcement of state law relating to the provision of these services."

IG's primary tools for detecting, deterring, and preventing fraud, waste, and abuse are audits

(conducted under the federal "Yellow Book" standard); investigations (conducted pursuant to

generally accepted investigative policies); and inspections (conducted under the federal "Silver

Book" standard).

IG Principles

Vision

To become the leading state IG in the country.

Values

Professionalism, Productivity, Perseverance.

Mission

To detect, prevent, and deter fraud, waste, and abuse through the audit, investigation, and

inspection of federal and state taxpayer dollars used to deliver health and human services in

Texas.


December 2016

AUDIT AUTHORITY

Texas Government Code Section 531.102 creates the IG, and gives the IG the responsibility to

audit fraud, waste, and abuse in the provision and delivery of all health and human services in

the state, including services through any state-administered health or human services program

that is wholly or partly federally funded.1

Section 531.102(h)(4) permits the IG to audit the use and effectiveness of state and federal funds,

including contract and grant funds, administered by a person or state agency receiving the funds

from a health and human services agency.2

Section 531.1025(a) permits the IG to conduct a performance audit of any program or project

administered or agreement entered into by the commission or a health and human services

agency.3

Section 531.113(d-1) mandates that the IG investigate, including by means of regular audits,

possible fraud, waste, and abuse by managed care organizations.4 Section 531.102(s) also

recognizes the IG's authority to utilize a peer-reviewed sampling and extrapolation process when

auditing provider records.5

1 Tex. Gov. Code § 531.102(a) (Sept. 1, 2015) 2 Tex. Gov. Code § 531.102(h)(4) (Sept. 1, 2015) 3 Tex. Gov. Code § 531.1025(a) (Sept. 1, 2015) 4 Tex. Gov. Code § 531.113(d-1) (Sept. 1, 2015) 5 Tex. Gov. Code § 531.102(s) (Sept. 1, 2015); See also 1 Tex. Admin. Code § 371.35 (May 15, 2016) wherein the

IG adopted RAT/STATS, statistical software available from the United States Department of Health and Human

Services Office of Inspector General and policies and procedures consistent with the mathematical processes for

sampling and overpayment estimation described in the Centers for Medicaid and Medicare Services Program

Integrity Manual.


December 2016

AUDIT UNIVERSE

The audit universe represents an inventory of all potential areas that can be audited, which are

commonly referred to as auditable units. The IG Audit Division defines its audit universe as the

departments, programs, functions, and processes within the Health and Human Services (HHS)

System, including services delivered through managed care, and services delivered through

providers and contractors.

HHS System6

Administrative Services

Information Technology

Financial Services

Procurement and Contracting Services

System Support Services

Legal

Programs

Medical and Social Services

Policy and Performance

Transformation

Department of Aging and Disability Services

o Regulatory Services

o State Supported Living Centers

o Program Operations

Department of Family and Protective Services

o Child Protective Services

o Adult Protective Services

o Statewide Intake

o Prevention and Early Intervention

o Child Care Licensing


Department of State Health Services

o Regulatory Services

o Disease Control and Prevention Services

o Regional and Local Health Services

o Family and Community Health Services

o State Hospitals


6 Based on the HHS System organizational charts effective September 1, 2016.


December 2016

Managed Care

Managed Care Entities and Subcontractors

Managed Care Organizations

Dental Maintenance Organizations

Behavioral Health Organizations

Pharmacy Benefit Managers

Third Party Administrators

Managed Care Programs

Children’s Health Insurance Program (CHIP)

Texas Dual Eligible Integrated Care Project (Medicare-Medicaid Plans)

STAR

STAR+PLUS

STAR Kids

STAR Health

NorthSTAR7

Services Delivered Through Providers and Contractors

The audit universe includes the services delivered through providers and contractors that support

the HHS System programs and managed care sections listed above. These services are

categorized into two groups: (a) Medicaid and CHIP services, and (b) other services.

Medicaid and CHIP Services

The list of Medicaid and CHIP services was compiled by reviewing the Medicaid and CHIP

expenditures included in the U.S. Department of Health and Human Services Centers for

Medicare and Medicaid Services (CMS) 64 reports and CMS 21 reports.

Behavioral Health Services

Case Management (Primary Care &

Targeted)

Clinic Services

Critical Access Hospital Services

Dental Services

Diagnostic Screening and

Preventative Services

Emergency Hospital Services

Emergency Services for

Undocumented Aliens

7 NorthSTAR program ends December 31, 2016.

EPSDT Screening Services

Family Planning

Federally-Qualified Health Center

Services

Freestanding Birth Center Services

Health Home for Enrollees with

Chronic Conditions

Health Services Initiatives

Home and Community-Based

Services

Home Health Services


December 2016

Hospice

Inpatient Hospital Services

Inpatient Mental Health Facility

Services

Intermediate Care Facility Services

(Private & Public)

Laboratory and Radiological

Services

Medical Equipment

Medical Transportation

Non-Emergency Medical

Transportation

Nurse Mid-Wife

Nurse Practitioner Services

Nursing Facility Services

Occupational Therapy

Other Care Services

Other Practitioners Services

Outpatient Hospital Services

Outpatient Mental Health Facility

Services

Personal Care Services

Physical Therapy

Physician and Surgical Services

Prescribed Drugs

Private Duty Nursing

Programs of All-Inclusive Care

Elderly

Prosthetic Devises, Dentures, and

Eyeglasses

Rehabilitative Services (non-school-

based)

Rural Health Clinic Screening

Services

School Based Services

Services for Speech, Hearing, and

Language

Sterilizations

Therapy Services

Tobacco Cessation for Pregnant

Women

Translation and Interpretation

Vision

Other Services

Other services includes services provided by the HHS System programs that are delivered

through providers and contractors for which there is no federal financial participation through

Title XIX (Medicaid) or Title XXI (CHIP).


December 2016

RISK ASSESSMENT

The IG Audit Division conducts a continuous risk assessment to identify potential audit topics

for inclusion in its Two-Year Rolling Audit Plan. Potential audit topics consist of programs,

services, providers, and contractors with an elevated potential for fraud, waste, and abuse.

We identify potential audit topics from a variety of methods, such as:

Coordinating with the HHS Internal Audit Divisions

Reviewing past, current, and planned work performed by external organizations, which

include

o Texas State Auditor's Office (SAO)

o U.S. Department of Health and Human Services Office of Inspector General

(DHHS OIG)

o U.S. Department of Agriculture Office of Inspector General (USDA OIG)

o U.S. Government Accountability Office (GAO)

o U.S. DHHS Centers for Medicare and Medicaid Services (CMS)

Conducting interviews with HHS management and staff, and external stakeholders

Coordinating with the IG Inspections Division and IG Investigations Division

Reviewing the results of external reviews conducted on managed care organizations

Analyzing data of services delivered through providers and contractors

Viewing relevant Texas Legislature Hearings

Requesting referrals from within the IG, the HHS System, and the public8

After compiling the list of potential audit topics, the IG Audit Division considers several factors

to select audits for its Two-Year Rolling Audit Plan:

Requests from the legislature and executive management

Current oversight activities, including internal and external audits

Public interest

Available resources

8 The public are encouraged to report suspected fraud, waste, or abuse by recipients or providers in Texas HHS

programs by calling the IG toll-free Integrity Line at 1-800-436-6184 or submitting a referral online:

https://oig.hhsc.texas.gov/report-fraud

https://oig.hhsc.texas.gov/report-fraud


December 2016

TYPES OF AUDITS

The IG Audit Division conducts risk-based performance, provider, and information technology

audits related to (a) services delivered through medical providers and contractors and

(b) programs, functions, processes, and systems within the HHS System, to help identify and

reduce fraud, waste, abuse, and mismanagement. While there are sometimes variations in which

audit type is performed for a given entity being audited, the categories are generally defined as

follows.

Performance Audits - Review the effectiveness and efficiency of HHS System program

performance and operations. The IG Audit Division makes recommendations to mitigate

performance gaps and risks that could prevent HHS System programs from achieving

their goals and objectives. These audits may make recommendations that funds be put to

better use.

Provider Audits - Assess contractor or medical service provider compliance with criteria

contained in legislation, rules, guidance, or contracts, and to determine whether funds

were used as intended. These audits may identify questioned costs or unsupported costs.

Information Technology Audits - Assess compliance with applicable information

technology requirements and examine the effectiveness of general and application

controls for systems that support HHS System programs or are used by contractors or

business partners who process and store information on behalf of HHS programs. These

audits may make recommendations for information technology control improvements and

to mitigate security vulnerabilities.


December 2016

AUDITS IN PROGRESS

Performance Audits

Medicaid and CHIP Managed Care Organization Special Investigative Units - SIU

Resources, Activities, and Infrastructure

Objective

Determine the effectiveness of managed care organization (MCO) special investigative units

(SIU) performance in (a) preventing, detecting, and investigating fraud, waste, and abuse, and (b)

reporting reliable information on SIU activities, results, and recoveries to HHSC.

Scope

MCO SIUs for the period of September 2013 through August 2016, to include:

Processes and activities that support SIU fraud plans at Medicaid and CHIP MCOs and

subcontractors.

Policies and practices supporting the reporting of SIU activities and results to HHSC.

Information technology systems that support SIU processes, and related data.

Performance of Contractors Selected as Sole Source Procurements over $10 Million

An audit of one HHS agency contractor is being performed.

Objective

Determine whether (a) funds are used as intended and (b) contractors are performing in

accordance with contract requirements.

Scope

The most recent 12 to 18 months, to include:

Contractor and subcontractor processes and activities that ensure contract requirements

are met and funds are used as intended.

Policy and practices supporting contract deliverables and performance measures.

Information technology systems that support the reporting process, and related data.


December 2016

Utilization Management in Managed Care Organizations

Audits of three health plans are being performed.

Objective

Evaluate the effectiveness of acute care utilization management practices at selected MCOs in

ensuring that health care services provided were (a) medically necessary, (b) efficient, and (c)

comply with state and federal regulations.

Scope

Acute care utilization management practices and processes effective during the period

September 2013 through August 2015.

Activities of subcontractors involved with, or contracted to perform, utilization

management practices and processes on behalf of the MCO.

Assessment and Evaluation Practices at Long Term Care Nursing Facilities

An audit of one nursing facility is being performed.

Objective

Determine whether therapy services are provided consistent with physician orders and in

accordance with resident assessments and evaluations.

Scope

The assessment, evaluation, and billing for therapy practices for March 2015 through July 2016.

Texas Association of Local Governments Financial Review

Objective

Review contractor's adherence to requirements for contracts with HHS System agencies.

Determine whether State funds were used as intended according to contractual

requirements and recover State funds, if applicable.


December 2016

Scope

For the period of September 2014 through March 2016, to include:

Conducting site visits to contractor's locations to observe and evaluate activities relate to

the audit objectives.

Reviewing 100 percent of financial transactions for the contracts within scope to verify

validity, completeness, and accuracy.

Processes for Identifying and Preventing Eligibility Determination Errors

Preliminary Objective

Evaluate activities designed to identify and mitigate eligibility determination errors for SNAP,

TANF, Medicaid, and CHIP, including specific practices for:

Preventing or minimizing errors resulting in incorrect eligibility determinations.

Identifying and resolving incorrect eligibility determinations caused by agency error.

Provider Audits

Selected Vendor Drug Program Pharmacy Providers

An audit of one pharmacy is being performed.


Determine whether the vendor properly billed the Texas Medicaid Vendor Drug Program and

complied with contractual requirements and federal and state regulations, including Texas

Administrative Code rules.

Selected Durable Medical Equipment Providers


Determine whether selected durable medical equipment (DME) providers billed and were paid

for services and supplies in accordance with state and federal regulations and guidelines.


December 2016

Selected MCO Speech Therapy Providers

An audit of one provider is being performed.


Determine whether speech therapy providers:

Comply with Texas Medicaid provider enrollment guidance and applicable licensure and

certification requirements.

Follow criteria established for determining when discontinuation of therapy is

appropriate, in terms of:

o Duration

o Total number of visits

Information Technology Audits

Claims Management System IT Interfaces

Objective

Evaluate the adequacy of IT interface processing controls designed to:

Ensure data transmitted and processed is valid, complete, and accurate.

Protect data from unauthorized access, modification, and deletion.

Scope

Claims submitted for payment in March 2016 and June 2016.

Processes and controls over Medicaid provider claim payment data processed and

transmitted to and from relevant automated systems.

Monitoring and oversight of contractor activities relevant to the audit objective.

IT Security Assessment

An audit of one application is being performed.


Assess the effectiveness of logical and physical security controls over confidential information

stored and processed.


December 2016

AUDIT PLAN

The HHS System currently has over 54,000 employees responsible for managing approximately

$44.2 billion each year, and includes over 200 programs providing needed services to millions of

Texans.9 These programs are subject to federal and state regulations, statutes and rules, and

HHS agency and program policies. The programs, and the administrative and technical support

that enables them to function, are subject to funding constraints, policy changes, and changing

priorities. As a result, risks associated with functions within the HHS System are constantly

changing.

In an effort to be responsive to continuously changing risks and an evolving environment, the IG

Audit Plan contains two components. The first component focuses on the short term, and is used

in conjunction with a schedule of current audit projects and available staff to guide the utilization

of audit resources within the upcoming six-month period of time. The audit projects listed in the

section called “Audits IG Plans to Initiate During the Next Six Months,” while still subject to

change when needed to address near-term changes in the audit environment and to accommodate

executive management requests for audit services, is intended to represent the roadmap the IG

Audit Division plans to follow for the next several months. Audit projects will be planned and

initiated based on current priorities and availability of audit staff members needed to form audit

teams.

The second component, called “Potential Audit Topics - Fiscal Years 2017 Through 2018,”

covers the balance of the two year period. This section, which includes potential audit topics that

represent possibilities for future audit consideration, is updated with each new version of the

rolling audit plan, which will occur in three month intervals. Some potential topics will fall off

the list, and others will be added, reflecting changing risks and priorities.

The two components of the IG Rolling Audit Plan follow.

9 $44.2 billion represents the sum of the fiscal year 2016 HHS Agency Operating Budgets, which is approximately

$38.9 billion, in addition to the amount reported for Supplemental Nutrition Assistance Program (SNAP) benefits in

the State of Texas Schedule of Expenditures of Federal Awards for the year ended August 31, 2015, which is

approximately $5.3 billion.


December 2016

Audits IG Plans to Initiate During the Next Six Months

Proposed audit projects are listed below. While IG anticipates it will initiate the audits listed

below during the next six months, changing risks and priorities could result in some of the

planned audits not being initiated, or in other audits, not listed below, being initiated.

Performance Audits

STAR+PLUS Enrollment

Managed Care Pharmacy Benefit Manager Compliance

Performance of Third Party Recovery Contractor Managed by Claims Administrator

Dental Service Organizations (Informational Report)

Dental Management Organizational Comprehensive Review

HHS System Collections

Provider Audits


Selected Durable Medical Equipment (DME) Providers

Hospital Cost Reports

Selected MCO Speech Therapy Providers

Selected Home Health, Personal Care Services, and Home and Community-Based

Services Providers

Assessment and Evaluation Practices at Selected Long Term Care Nursing Facilities

Selected Women’s Health Program Providers

Selected Delivery System Reform Incentive Payments (DSRIP)

340b Program in Federally-Qualified Health Centers (FQHCs)


December 2016

Information Technology Audits

IT Security at Selected Contractors and Business Partners, and for HHS agency systems

and applications


December 2016

Potential Audit Topics - Fiscal Years 2017 Through 2018

The potential audits listed below are organized by program, process, or business area. The IG

Audit Division will update this list, based on changing risks and priorities, each time it issues a

new rolling audit plan. When IG plans to initiate a proposed audit listed in this section within

the following six months, it will remove the proposed audit from this section and list it in the

previous section, called “Audits IG Plans to Initiate During the Next Six Months.”

Medicaid

Managed Care

Accuracy and Usability of MCO Scorecards

Expedited Credentialing by MCOs

MCO Adjustment of Encounters After Collecting Overpayments from Providers

Cost Allocation of MCO Shared Services

Physician Administered Drug Rebate Processes in MCOs

MCO Behavioral Health Initiatives Funded With Medicaid Dollars

MCO Support for Quality Payments

MCO Prior Authorizations

Retrospective Utilization Management

Validity of Information Reported in MCO Deliverables

Quality and Completeness of MCO Encounter Data

Follow-up on MCO Corrective Action Plans

Duplicate Payments to MCOs

MCO Third Party Recovery Performance


December 2016

Medicaid Claims Administrator

Prior Authorization Processes

Effectiveness and Monitoring of Medicaid Claims Administrator Key Performance

Indicators

Pharmacy

Drug Destruction Practices at Selected Long Term Care Providers


Pharmacy Cost Methodologies (Informational Report)

STAR+PLUS

DME in STAR+PLUS

Recovery of Assets From Long Term Care Residents in Medicaid

STAR Kids

STAR Kids Implementation

Hospital

Hospital Audit (Topic to be Determined)

CHIP

CHIP Complaint Process

Eligibility

Duplicate Eligibility in TIERS

TIERS Access Controls

TIERS Processes and Workflows

Application and Database Security Assessment for TIERS

Effectiveness of TIERS Manual Workarounds


December 2016

SNAP

Out of State SNAP Expenditures

Able-Bodied Working Adults Without Dependents

Application and Database Security Assessment for Electronic Benefit Transfer (EBT)

Effectiveness of Edits Checks and Other Controls Related to Issuance and Activation of

EBT Cards

EBT Contract Procurement

SNAP Eligibility Interfaces

TANF

Accuracy of TANF Eligibility and Payments

TANF Eligibility Interfaces

Foster Care

Intake Processes - “V” (Victim) Coding on Medical Records

Foster Care Psychotropic Medication Utilization and Monitoring

Miscellaneous

Medically Dependent Children Program (MDCP) Enrollment

School and Health Related Services (SHARS)

Selected MHMR Contracts and Related Providers

Grants Management Processes at the Department of State Health Services

Selected Consumer Directed Services Providers

Selected Early Childhood Intervention Services Providers

Selected Family Violence Program Services Providers

Selected Client Services Providers


December 2016

Prescription Waste in Nursing Facilities

Electronic Visit Verification (EVV) Contractor Performance

Potential Duplicate Payments for Services Covered by STAR Health Procured Under

DFPS Child-Specific Contracts

-- Reminder of page left blank --


December 2016

AUDIT REPORTS ISSUED IN FISCAL YEAR 2017

IG issued the following audit reports between September 1, 2016 and November 30, 2016.

Audit Report Issue Date Key Findings

Acute Care Utilization

Management in Managed Care

Organizations (MCO) -

Superior HealthPlan, Inc.

November 30, 2016 Prior authorization request determinations did

not consistently meet timeliness requirements

Electronic prior authorization data was not

reliable for measuring timeliness

Noncompetitive Contractor

Procurements Over $10

Million - Alamo Area Council

of Governments (AACOG)

November 30, 2016 Improve AACOG's equipment accountability

and inventory processes

Medicaid and CHIP MCO

Special Investigative Units

(SIU) - Christus Health Plan

November 22, 2016 Scope of SIU investigation activities was

limited

SIU activities necessary to detect fraud, waste,

and abuse were not performed

Noncompetitive Contractor

Procurements Over $10

Million - PerkinElmer Health

Sciences, Inc.

November 22, 2012 DSHS should post an open market solicitation at

the end of the current contract term to determine

whether PerkinElmer remains the best value

offer for the state

Clinical Research Study to

Treat Traumatic Brain Injury

and Post-Traumatic Stress

Disorder in Veterans Brain

Synergy Institute (BSI)

November 22, 2016 The audit identified $278,441 in overpayments

to BSI for failing to follow the requirements of

the contract as amended and for treating the

same participants multiple times

BSI was not properly vetted and monitored to

ensure that it complied with the contract

Date post:	28-Apr-2018
Category:	Documents
Upload:	truongdieu
View:	215 times
Download:	1 times

INSPECTOR GENERAL - OIG · In 2003, the 78th Texas Legislature created the Office of Inspector...

Documents